Highest Voted 'storage' Questions - IT Security Stack Exchange

0

votes

1 answer

Can't Amazon see my files if I use s3cmd/gpg with a complex password?

Since the early days of s3cmd I use it in combination with random generated filenames (uuidgen loop) and a complex passphrase (pwgen -n1 -c 32 -y). On security.stackexchange.com search there is only 1 result for s3cmd. I use Amazon S3 (Glacier) for…

asked Sep 25 '20 at 07:37

Sybil

1,435
2
15
29

0

votes

2 answers

Is it expensive for ISPs to store browsing, text and call logs?

I couldn't really find this answer anywhere. If an ISP was to record every browsing, call and text we make/send, would it be expensive for them log and store this? Assume an ISP has 4 million devices accessing the internet. Where I live it's not…

network storage isp

asked May 10 '19 at 17:23

Tom

1

0

votes

0 answers

How to defeat confirmation-of-a-file attack?

Suppose you want to upload some files to an online storage without the storage provider figuring out what you have uploaded. The obvious thing to do is of course to encrypt the files. However, we still suffer from a confirmation-of-a-file attack -…

privacy storage side-channel

asked Apr 18 '19 at 09:19

anon

1
1

0

votes

2 answers

Is it reasonable to store HMAC secret key in memory only?

I'm building a web application using Spring Boot for the backend and Angular for the frontend and planning on using JWTs signed with HMAC-SHA256 for authentication/authorization. I've been thinking about what would be the best place to store the…

authentication hmac storage

asked Dec 23 '18 at 19:54

justanoob

103
2

0

votes

2 answers

What are the security concerns for base64 encoded JSON files?

In a REST API, I'd like to receive images as base64 encoded strings in a JSON objects fron user's post and save them to disk using node.js fs module. The request body are objects like: { file: 'data:image/png;base64,iVBORw0KGgoAAA... I'm…

storage json image

asked Oct 19 '18 at 09:24

Karlom

135
1
6

0

votes

1 answer

Storing all past (user generated) passwords (bcrypted)

I am working on application where I want to add support for Event Sourcing and I am thinking how to solve problem of the passwords (unfortunately I cannot delegate authorisation to external service). The problem I have encountered is the question…

passwords storage

asked Aug 21 '18 at 18:37

Hauleth

133
4

0

votes

1 answer

Can malware affect storage devices lower than mbr

I found the worm rammit on one of my windows computers so I'm a bit paranoid now about all my dated usb, hdds, etc. Does malware commonly affect devices lower than the mbr. For instance is shred /dev/sda fdisk -u /dev/sda mkfs /dev/sda1 going to…

storage worm

asked Jun 13 '18 at 13:01

JimiMyFr13nd

27
1

0

votes

1 answer

Can hackers access Firefoxs login storage through the internet?

Is it possible for hackers to access my Firefox browsers login storage through the internet? For instance if I visit a malicious website?

authentication firefox storage

asked Jun 09 '18 at 18:11

Sjur Tjelta

31

0

votes

2 answers

Privacy concern about file modification on SSDs

We all know that files which are deleted from a modern system usually don't get erased immediately from memory, which is a security risk in itself. However, this question focuses on a different topic: suppose that a file on the system, which is…

storage file-system

asked Feb 19 '18 at 13:32

John

3
2

0

votes

1 answer

Encryption Key Storage for the Average User

I use KeePass and Veracrypt on my home computer. In addition to a strong password, I also use key files, for example, Veracrypt lets you choose any file on your computer(mp3, jpeg, etc..) as the key. How then would I go about storing/backing up…

storage keepass

asked Oct 17 '17 at 15:16

user161164

0

votes

3 answers

Storing Username and Password in Application memory (ram)

I've created a user application running on Windows 7 desktops. This application allows users to enter their username and password for another system. My application does this with a simple textbox. Currently, I'm storing this data in memory for the…

passwords memory storage

asked Sep 04 '17 at 20:45

Steve Short

1
1

0

votes

1 answer

How to set up a server for files?

I have a specialized software that I have created that can generate gigabytes worth of random data in seconds. I want to put all of these randomized, large files into a location to where it can be accessed by 3-4 different computers in my workplace.…

server storage

asked Jul 24 '17 at 03:48

noodles

83
4

0

votes

1 answer

Which is potentially more secure, an encrypted secondary drive or local NAS box?

I have both and I wonder where I should keep my data. On one hand my encrypted drive is unlocked most of the time when I'm logged in so it's just as susceptible to a virus or a malicious application as any other file on the computer. Then again,…

encryption server storage

asked Oct 26 '16 at 21:54

Rtsne42

103
3

0

votes

1 answer

Can virtual machines access files/drives protected by host?

Say I have a windows machine with a recovery partition that is locked with system permissions and is inaccessible through the windows operating system. Is it possible that a virtual machine running within windows could mount other drives as…

virtualization storage permissions windows-permissions

asked Aug 03 '16 at 13:26

Verbal Kint

737
1
6
20

0

votes

2 answers

Why is it a problem to store strong passwords as unsalted hashes?

My users all have strong (80-bit true entropy) passwords. How do I know that? Because my imaginary website randomly generates the passwords for them (client-side). In that context, could you explain why it would be a problem to store them as plain…

passwords hash brute-force storage

asked Jul 01 '16 at 10:41

John Blatz

991
10
16

Questions tagged [storage]